This flaw was found during the resolution of a Cisco TAC support case. The vulnerability is caused by improper handling of socket resources in the IP SLA responder application code. An attacker could exploit the vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to create an interface, which could lead to a possible denial of service (DoS) condition on the affected device.

Only the products listed in the Sensitive Products section of this advisory are known to be affected by this vulnerability. The vulnerability allows a remote attacker to perpetrate a denial of service (DoS) attack. The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

When considering software upgrades, customers are advised to regularly review the advisories for Cisco products, available on the Cisco Security Advisories and Alerts site, to determine exposure and a complete upgrade solution.

Cisco Bug Search entry: bst.cloudapps.cisco.com/bugsearch/bug/CSCvf37838

This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos

This vulnerability affects routers that are running vulnerable versions of Cisco IOS and IOS XE Software and that have been configured for IP SLA responder operations.
There is no workaround that addresses this vulnerability. For more information about Cisco's policies and publications related to vulnerability disclosure, see the Vulnerability Directive. That document also contains instructions for obtaining fixed software and for receiving information about Cisco security vulnerabilities.

Cisco has released software updates that address this security vulnerability. To help customers determine their exposure to vulnerabilities in Cisco IOS and IOS XE Software, Cisco provides a tool, the Cisco IOS Software Checker, which identifies all Cisco security advisories that impact a specific version of the software and the earliest version that addresses the vulnerabilities described in each advisory ("First Fixed"). If necessary, the tool also returns the earliest version that fixes all vulnerabilities described in all identified advisories ("Combined First Fixed").

Cisco has released free software updates that address the security vulnerability described in this advisory. Customers may only install, and expect support for, software versions and feature sets for which they have obtained a license.